mux.add_s(ent) # add an aci for this user on the farm mod = [(ldap.MOD_ADD, 'aci', '(targetattr = "*") (version 3.0; acl "Administration User ACL";allow (all)(userdn = "ldap:///uid=ttestuser,cn=config");)')] farm.modify_s(suffix, mod) admin = DSAdmin(host1, port1, admindn, adminpw) # add a new user using the admin account, first without user password dn = "uid=chainuser," + suffix ent = Entry(dn) ent.setValues('objectclass', 'inetOrgPerson') ent.setValues('cn', 'Chain User') ent.setValues('sn', 'Chain') ent.setValues('givenName', 'User') admin.add_s(ent) print "added entry", dn # next, try it with userPassword dn = "uid=chainuser2," + suffix ent = Entry(dn) ent.setValues('objectclass', 'inetOrgPerson') ent.setValues('cn', 'Chain User') ent.setValues('sn', 'Chain') ent.setValues('givenName', 'User') ent.setValues('userPassword', "password") admin.add_s(ent) # search for user on farm ents = farm.search_s(dn, ldap.SCOPE_BASE) if not ents:
# existing IPA user to be synced with AD userObjClasses = [ 'top', 'person', 'organizationalPerson', 'inetOrgPerson' ] if useds: print "Create sub-ou's on the AD side and add users . . ." ii = 0 dns = ['ou=people,' + suffix, 'ou=1,ou=people,' + suffix, 'ou=2,ou=people,' + suffix, 'ou=11,ou=1,ou=people,' + suffix, 'ou=12,ou=1,ou=people,' + suffix] for dn in dns: ent = Entry(dn) ent.setValues('objectclass', 'organizationalUnit') try: ad.add_s(ent) except ldap.ALREADY_EXISTS: pass print "Add users to", dn for jj in range(0,5): strii = str(ii) userdn = 'cn=Test User' + strii + ',' + dn ent = Entry(userdn) userid = 'userid' + strii ent.setValues('objectclass', ['person', 'adPerson']) ent.setValues('sn', 'User' + strii) ent.setValues('samAccountName', userid) ent.setValues('objectGUID', struct.pack('B', ii)) ent.setValues('name', 'Test User' + strii) # same as cn try: ad.add_s(ent) except ldap.ALREADY_EXISTS: pass userids[userid] = userdn
# Add an ACI to the suffix entry through the `farm` connection. It grants the
# "all" rights keyword on every attribute (targetattr = "*") to the single
# bind DN uid=ttestuser,cn=config.
# NOTE(review): a grant this wide belongs on a disposable test instance only;
# restrict targetattr and the rights list before using it elsewhere.
mod = [(
    ldap.MOD_ADD, 'aci',
    '(targetattr = "*") (version 3.0; acl "Administration User ACL";allow (all)(userdn = "ldap:///uid=ttestuser,cn=config");)'
)]
farm.modify_s(suffix, mod)

# Build a DSAdmin object from host1/port1 and the admindn/adminpw credentials.
# NOTE(review): presumably host1/port1 is the chaining front end, so the adds
# below are forwarded to the farm - confirm against the rest of the script.
admin = DSAdmin(host1, port1, admindn, adminpw)

# add a new user using the admin account, first without user password
dn = "uid=chainuser," + suffix
ent = Entry(dn)
ent.setValues('objectclass', 'inetOrgPerson')
ent.setValues('cn', 'Chain User')
ent.setValues('sn', 'Chain')
ent.setValues('givenName', 'User')
admin.add_s(ent)
print "added entry", dn

# next, try it with userPassword
dn = "uid=chainuser2," + suffix
ent = Entry(dn)
ent.setValues('objectclass', 'inetOrgPerson')
ent.setValues('cn', 'Chain User')
ent.setValues('sn', 'Chain')
ent.setValues('givenName', 'User')
# NOTE(review): hard-coded, guessable password. Keep it confined to a
# throwaway test directory; the storage scheme applied by the server is not
# visible from here.
ent.setValues('userPassword', "password")
admin.add_s(ent)

# search for user on farm
# Base-scope lookup of chainuser2's DN on `farm`; the next statement tests
# whether anything came back.
ents = farm.search_s(dn, ldap.SCOPE_BASE)
# NOTE(review): the excerpt ends here; the body of this branch is not shown.
if not ents:
# NOTE(review): the excerpt opens inside a list literal whose start is not
# shown; presumably this is the last element of `userAcctVals`, which the loop
# below indexes - confirm.
# 512 + 2 + 65536 are the AD userAccountControl bits NORMAL_ACCOUNT,
# ACCOUNTDISABLE and DONT_EXPIRE_PASSWORD, matching the description text.
{'description': 'normal, regular AD account disabled, do not expire password',
 'userAccountControl': 512 + 2 + 65536}
]
# Starts empty; it is not filled in the visible lines.
userids_disabled = {}

# Populate the AD-side connection `ad` with a small OU tree and test users.
if useds:
    print "Create sub-ou's on the AD side and add users . . ."
    # Running counter used for user names, ids and the account-variant index.
    # NOTE(review): `ii` is not advanced in the visible lines; presumably it
    # is incremented after the excerpt ends - confirm.
    ii = 0
    # Parents are listed before their children so each add has a parent.
    dns = ['ou=people,' + suffix,
           'ou=1,ou=people,' + suffix,
           'ou=2,ou=people,' + suffix,
           'ou=11,ou=1,ou=people,' + suffix,
           'ou=12,ou=1,ou=people,' + suffix]
    for dn in dns:
        ent = Entry(dn)
        ent.setValues('objectclass', 'organizationalUnit')
        # An existing OU is tolerated so the script can be rerun; other LDAP
        # errors still propagate.
        try:
            ad.add_s(ent)
        except ldap.ALREADY_EXISTS:
            pass
        print "Add users to", dn
        # Five users per OU; `jj` only counts iterations.
        for jj in range(0,5):
            strii = str(ii)
            userdn = 'cn=Test User' + strii + ',' + dn
            ent = Entry(userdn)
            userid = 'userid' + strii
            ent.setValues('objectclass', ['person', 'adPerson'])
            ent.setValues('sn', 'User' + strii)
            ent.setValues('samAccountName', userid)
            # One unsigned byte packed from the counter, used as a stand-in
            # objectGUID. struct format 'B' only accepts 0..255.
            ent.setValues('objectGUID', struct.pack('B', ii))
            ent.setValues('name', 'Test User' + strii) # same as cn
            # Cycle through the account variants so consecutive users get
            # different settings, including disabled accounts.
            kk = ii % len(userAcctVals)
            # Copy every key of the chosen variant onto the entry; values are
            # stringified because the dict holds ints.
            for attr, val in userAcctVals[kk].iteritems():
                ent.setValues(attr, str(val))
# Create the m1 -> m2 replication agreement, start replication on it and wait
# until initialization has finished (judging by the method names and the
# progress message).
agmtm1tom2 = m1.setupAgreement(m2, m1replargs)
m1.startReplication_async(agmtm1tom2)
print "waiting for init to finish"
m1.waitForReplInit(agmtm1tom2)
# Reverse-direction agreement (m2 -> m1); nothing is started on it in the
# lines visible here.
agmtm2tom1 = m2.setupAgreement(m1, m2replargs)

nents = 5
# m1 gets cn=0..4 and m2 gets cn=5..10. The ranges do not overlap, so the two
# masters never add the same DN.
# NOTE(review): m2ents holds nents + 1 numbers (6), one more than m1ents -
# confirm the extra entry is intended.
m1ents = range(nents)
m2ents = range(len(m1ents), len(m1ents) + nents + 1)

print "Add %d entries to m2" % len(m2ents)
for ii in m2ents:
    # Note the space after the comma in the DN format string.
    dn = "cn=%d, %s" % (ii, basedn)
    ent = Entry(dn)
    ent.setValues('objectclass', 'person')
    ent.setValues('sn', 'testuser')
    m2.add_s(ent)
    print "Added m2 entry", dn

print "Add %d entries to m1" % len(m1ents)
for ii in m1ents:
    dn = "cn=%d, %s" % (ii, basedn)
    ent = Entry(dn)
    ent.setValues('objectclass', 'person')
    ent.setValues('sn', 'testuser')
    m1.add_s(ent)
    print "Added m1 entry", dn

# NOTE(review): a fixed delay stands in for "replication has converged". On a
# slow or loaded host the check that follows can fail although replication is
# working.
print "Sleep for 5 seconds to let changes propagate . . ."
time.sleep(5)

# The verification itself is outside this excerpt.
print "see if m1 entries made it to m2"
# NOTE(review): the excerpt opens on the closing brackets of a list-of-dicts
# literal whose start is not shown; presumably this is `userAcctVals`, which
# the loop below indexes - confirm.
}]
# Starts empty; it is not filled in the visible lines.
userids_disabled = {}

# Populate the AD-side connection `ad` with a small OU tree and test users.
if useds:
    print "Create sub-ou's on the AD side and add users . . ."
    # Running counter used for user names, ids and the account-variant index.
    # NOTE(review): `ii` is not advanced in the visible lines; presumably it
    # is incremented after the excerpt ends - confirm.
    ii = 0
    # Parents are listed before their children so each add has a parent.
    dns = [
        'ou=people,' + suffix,
        'ou=1,ou=people,' + suffix,
        'ou=2,ou=people,' + suffix,
        'ou=11,ou=1,ou=people,' + suffix,
        'ou=12,ou=1,ou=people,' + suffix
    ]
    for dn in dns:
        ent = Entry(dn)
        ent.setValues('objectclass', 'organizationalUnit')
        # An existing OU is tolerated so the script can be rerun; other LDAP
        # errors still propagate.
        try:
            ad.add_s(ent)
        except ldap.ALREADY_EXISTS:
            pass
        print "Add users to", dn
        # Five users per OU; `jj` only counts iterations.
        for jj in range(0, 5):
            strii = str(ii)
            userdn = 'cn=Test User' + strii + ',' + dn
            ent = Entry(userdn)
            userid = 'userid' + strii
            ent.setValues('objectclass', ['person', 'adPerson'])
            ent.setValues('sn', 'User' + strii)
            ent.setValues('samAccountName', userid)
            # One unsigned byte packed from the counter, used as a stand-in
            # objectGUID. struct format 'B' only accepts 0..255.
            ent.setValues('objectGUID', struct.pack('B', ii))
            ent.setValues('name', 'Test User' + strii)  # same as cn
            # Cycle through the account variants so consecutive users get
            # different settings.
            kk = ii % len(userAcctVals)
            # NOTE(review): the excerpt is cut off here; the loop body is not
            # shown.
            for attr, val in userAcctVals[kk].iteritems():
# Set up replication from m1 to m2 and block until the initialization of that
# agreement is reported finished (inferred from the method names and the
# progress message).
agmtm1tom2 = m1.setupAgreement(m2, m1replargs)
m1.startReplication_async(agmtm1tom2)
print "waiting for init to finish"
m1.waitForReplInit(agmtm1tom2)
# Agreement for the opposite direction (m2 -> m1); it is only created in the
# visible lines, not started.
agmtm2tom1 = m2.setupAgreement(m1, m2replargs)

nents = 5
# Disjoint number ranges keep the two masters from adding the same DN:
# m1 uses 0..4, m2 uses 5..10.
# NOTE(review): the "+1" gives m2 six entries against five on m1 - confirm
# this asymmetry is deliberate.
m1ents = range(nents)
m2ents = range(len(m1ents), len(m1ents)+nents+1)

print "Add %d entries to m2" % len(m2ents)
for ii in m2ents:
    # The DN format string puts a space after the comma.
    dn = "cn=%d, %s" % (ii, basedn)
    ent = Entry(dn)
    ent.setValues('objectclass', 'person')
    ent.setValues('sn', 'testuser')
    m2.add_s(ent)
    print "Added m2 entry", dn

print "Add %d entries to m1" % len(m1ents)
for ii in m1ents:
    dn = "cn=%d, %s" % (ii, basedn)
    ent = Entry(dn)
    ent.setValues('objectclass', 'person')
    ent.setValues('sn', 'testuser')
    m1.add_s(ent)
    print "Added m1 entry", dn

# NOTE(review): convergence is assumed after a fixed 5 second pause. A slow
# host can make the following check fail even when replication works.
print "Sleep for 5 seconds to let changes propagate . . ."
time.sleep(5)

# The actual comparison is outside this excerpt.
print "see if m1 entries made it to m2"